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[57] ABSTRACT 

A method and system for secure transactions. The method 
and system comprise a security co-processor and an inter- 
face for interfacing the security co-processor to a host 
computer system. The method and system wherein secure 
transaction processing is performed locally in the security 
co-processor and non-secure transaction processing is per- 
formed in the host computer system. The method and system 
further include means for providing trusted input coupled to 
the security co-proccssor. In addition, the method and sys- 
tem include a second interface coupled to the security 
co-processor for receiving sensitive data from a smart card, 
and a trusted display coupled to the security co -processor for 
providing true transaction information. One advantage of the 
method and system in accordance with the present invention 
is that transactions are protected from unauthorized intrusion 
and, in addition, participation is proven so that transactions 
cannot be repudiated. Another advantage is that the method 
and system maintain compatibility with smart cards tech- 
nology. Yet another advantage is that, because the security 
co-processor has functionality, smart cards require built-in 
functionality only for storing sensitive data including 
account number and private-key and for providing digital 
signatures to prove participation. Moreover, smart cards can 
carry biomctric data to be recognized by the method and 
system for an even more reliable proof of participation and 
card-holder verification. With less built-in functionality, the 
smart cards are less complex and less expensive. Finally, the 
method and system are easily implemented with current 
technology, and the overall cost of the system is reduced. 

36 Claims, 8 Drawing Sheets 
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METHOD AND SYSTEM FOR SECURE 
TRANSACTIONS IN A COMPUTER SYSTEM 

FIELD OF THE INVENTION 

The present invention relates to a method and system for 
providing secure transactions in a computer system and 
more particularly to a method and system for providing a 
secure environment within the computer system for these 
transactions. 

BACKGROUND OF THE INVENTION 

Since computer networks have emerged as a medium for 
conducting electronic commerce and other types of 
transactions, there has always been a need for maintaining 
the integrity and validity of these transactions. However, 
conventional computer networks provide an environment 
which is fraught with security breaches that will allow 
hackers to compromise the integrity and validity of such 
transactions. 

Conventional computer networks, such as a local area 
network, a wide area network and/or a public network (e.g. 
the Internet), link personal computers and workstations to 
one or more servers and to each other. This envirorunent 
permits computer users to interact with the servers or with 
each other. Transactions between computer users or between 
computer users and servers are processed using applications 
which are executed on conventional operating system plat- 
forms such as OS/2®. Windows®, UNIXC® etc. These 
transactions include high value electronic commerce and 
other private transactions which use confidential or sensitive 
data such as bank, credit and debit accounts information. 

However, computer hackers can "invade" data resident on 
computer disk and in memory as wcU as data associated with 
real time processing. Therefore, any data, sensitive or 
otherwise, passing through or stored in the computers can be 
compromised by hackers or intruders that can gain access to 
it via the computer network. Moreover, even if the sensitive 
data were to be encrypted, other sensitive data inside the 
computers may be susceptible to attack when, for example, 
the computer systems download and execute rogue pro- 
grams. A rogue program allows hackers to surreptitiously 
capture the computer users' name, home address. E-mail 
address etc, without being noticed. Computer hackers can 
then use the sensitive data to impersonate the computer users 
and thereby perform fraudulent transactions. 

In this environment secure transactions become very 
difiScult. As a resuh, conventional computer systems now 
use smart cards for secure transactions. A conventional 
smart card with considerable buUt-in functionality includes 
an 8 bit microcontroller, a read only memory (ROM), an 
EEPROM (electronically erasable programmable ROM), a 
random access memory (RAM), and other optional periph- 
eral devices, e.g., cryptographic unit. The EEPROM holds 
the sensitive data which is personal to the individual smart 
card holder, the ROM holds a transaction application pro- 
gram code, and the RAM holds temporary variables. In the 
cryptographic unit, which can be a multiplexer or other 
cryptography engine, the sensitive data is encrypted. 

Smart cards vary in level of their built-in functionality 
which includes storage and processing of sensitive data. The 
sensitive data is provided to smart cards instead of the 
computer disk or memory in order to protect it against 
unauthorized access. Thus, smart cards can replace the 
computers in storing and processing of the sensitive data. 

It is noted that if smart cards were to include a complete 
built-in functionality which would preclude any processing 
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of sensitive data in the conventional computer system, these 
smart cards would provide an adequate security environment 
for electronic transactions. However, the more built-in func- 
tionality the more expensive the smart cards becomes. 
5 Notwithstanding the cost, implementation of the built-in 
functionality is limited by physical constraints of smart 
cards. 

Typically, a die size of 5 mmx5 mm would be used to 
implement the built-in functionality of smart cards because 

10 a larger die size would degrade the abiUty to connect to 
them. Also, the chips embedded in smart cards can crack 
more easily because the smart cards are typically stored in 
physical wallets which are put in back pockets. Furthermore, 
the IS07816 standard, which is an industry standard for 

15 smart cards, imposes a bending limitation on smart cards. 
Since a larger die cannot bend the smart cards must be small. 
Finally, the current capacity of smart cards is 50-100 mA. 
By comparison, a typical processor with extensive built-in 
functionality has a current capacity 40 times higher, 

20 Therefore, including complete built-in functionality in smart 
cards is not feasible. 

As a result, at least some processing of the sensitive data 
must be performed in the conventional computer system in 
a non-secure manner. The sensitive data remains resident on 
a smart card until it is needed by the computer for process- 
ing. Once it is read from the smart card and transferred for 
processing to the computer the sensitive data becomes 
vulnerable to unauthorized access. Therefore, the use of 
smart cards with conventional computer systems does not 
entirely solve the problem of providing a secure environ- 
ment for conducting electronic transactions. 

This problem is compounded when, in conventional com- 
puter systems, sensitive data is entered on a keyboard and 
transferred to the computer for processing. For example, 
personal identification numbers (PIN), typically used for 
unlocking private or limited access accounts, can be stolen 
once they are entered on the keyboard by the computer user. 

Furthermore, access to display controllers of computers 
permits rogue programs or viruses to produce erroneous or 
falsified displays which replace or conceal material infor- 
mation such as transaction values. As a result, fraudulent 
transactions can remain undetected. Also, when the display 
is compromised one or more of the transacting parties have 

45 inconsistent misleading displays. The inconsistency of the 
displays can give rise to claims that there was no meeting of 
the minds, and that the transactions are therefore invalid and 
unenforceable. As a consequence, such transactions can be 
easily repudiated by one or more of the transacting parlies. 

50 Therefore, conventional systems utilizing smart cards fail 
to provide real secure transactions. Moreover, in this envi- 
ronment it can be difficult to authenticate transactions for the 
pmrpose of enforcing them as valid agreements between the 
transacting parties. For example, individuals who change 

55 their minds after concluding the transactions can repudiate 
the transactions by claiming that a security breach allowed 
hackers to transact in their place. Without proof that the 
repudiating party participated in the particular transaction 
(s), the other transacting parties are left without recourse. 

60 Therefore, what is needed is a system which provides a 
secure environment for electronic commerce and other types 
of confidential transactions. The system is also needed in 
order to allow transactions with smart cards including smart 
cards having less than a complete built-in functionality. The 

65 system is further needed in order to reduce the cost of the 
smart cards and, in turn the overall cost of the system. The 
system is additionally needed to allow uncompromised 
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acknowledgment and authentication of the transactions. more particularly to a method and system for providing a 

Finally, the system needs to be easily implemented with secure environment within the computer system for these 

existing technology. The present invention provides a transactions. The following description is presented to 

method and system for addressing the foregoing problems. enable one of ordinary skill in the art to make and use the 

, S invention and is provided in the context of a patent appli- 

SUMMARY OF THE INVENTION -^^ requirements. Varioiis modifications to the 

Amethod and system for secure transactions. The method preferred embodiment will be readily apparent to those 

and system comprise a security co-processor and an inter- skilled in the art and the generic principles herein may be 

face for interfacing the security oo-processor to a host appUed to other embodiments. Thus, the present invention is 

computer system. In the method and system the secure lo not intended to be limited to the embodiment shown, but is 

transaction processing is performed locally in the security to be accorded the widest scope consistent with the prin- 

co-processor and non-secure transaction processing is per- ciples and features described herein, 

formed in the host computer system. The method and system Computer users interact with each other in order to 

further include means for providing trusted input coupled to conduct transactions electronically through computer net- 

the security co-processor. In addition, the method and sys- 15 works. TYansactions conducted over computer networks are 

tem include a second interface coupled to the security commonly referred to as electronic transactions. FIG. 1 is a 

co-processor for receiving sensitive data from a smart card, block diagram of a conventional system 10 for performing 

and a trusted display coupled to the security co -processor for electronic transactions. 

providing true transaction information. ^ illustrated in FIG. 1, the system 10 includes a personal 

One advantage of the method and system in accordance 20 computer or workstation (computer) 14 which is equipped 

with the present invention is that transactions are protected ^vjth a computer disk and memory (disk) 16. The computer 

fromunauthorizedintnisionand, in addition, participation is 14 linked to other computers (not shown) through the 

proven so that transactions cannot be repudiated. Another network 12. The network 12 can be a local area network 

advantage is that the method and system maintain compat- Unking computers in one building, a wide area network 

ibility with smart cards technology. Yet another advantage is 25 liuj^jjig computers of one organization located in separate 

that, because the security co-processor has considerable buildings, a public network such as the Internet, etc, 

functionality, smart cards require built-in functionality only ^ ^^j^^^^ application programs for conducting 

for storing sensitive data including account number and electronic transactions (electronic transactions appUcations) 

private-key and for providing digital signatures to prove are executable on one of the conventional operating system 

participation. Moreover, smart cards can carry biometnc 30 p^^^^^j^^ ^^^.j^ oS/2®, Windows®, UNIX® etc. It is 

data to be recognized by the method and system for an even generally known that conventional operating system plat- 

more reliable proof of participation and card-holder verifi- ^^j^ ^^^^^^^ ^ non-secure computing environment for 

cation. With less built-m functionality, the smart cards are executing the electronic transactions applications. In the 

less complex and less expensive. Finally, the method and ^on-secure computing environment, confidential informa- 

system are easily implemented with current technology, and 35 ^^^^^^^ ^ electronic transactions (sensitive data) can 

the overall cost of the system is reduced. ^^^y compromised. Breaching the security of commu- 

BRIEF DESCRIPTION OF THE DRAWINGS nications and electronic transactions in conventional sys- 

^ ^ . , . tems can include the decoding of files containing crypto - 

HG. 1 IS a block diagram of a conventional system for j^.^ ^ ^^^^^ unlocking access to other systems, 

performing electromc transactions. a j- 1 j r • *t. ■ . a 

*r. ^ 1 Accordingly, the need for preserving the mtegnty and 

HG. 2A is a diagram of a conventional certificate struc- protecting the validity of electronic transactions gave rise to 

, , alternative systems and methods. These systems and meth- 

FIG. 2B is a diagram of a conventional certificate chain ods provide a more secure environment for conducting 

for authendcating electronic transactions. electronic transactions. 

FIG. 3 is a block diagram of a conventional system for known that transaction information can be authenti- 

performing secure electronic transactions. ^ated within a computer system. Electronic transactions 

FIG. 4 is a block diagram of a system including a security applications are typically associated with well-known 

co-processor in accordance with the present invention. public-key cryptography algorithms which utilize a key-pair 

FIG, 5 illustrates a firewall including an interface com- 50 of a public key and a private -key for authentication. The 
munication protocol for secure electronic transactions in a public-key is data available in the public domain. The 
system with the security co-processor in accordance with the private-key is sensitive data personal to its owner. Private- 
present invention. keys are provided to individuals on smart cards issued to 

FIG. 6 is a more detailed block diagram of the security them by organizations such as banks, credit companies, 

co-processor in accordance with the present invention. ss employers, etc. 

FIG. 7 is a flow diagram of the digital signing process for A digital certificate binds the key-pair to a name thus 

authenticating electronic transactions in the system with the providing a digital identity. The digital certificate is used to 

security co-processor. verify that the public-key belongs to the particular individual 

FIG. 8 is a block diagram of a two tier memory system in using it. FIG. 2A is a diagram of a conventional certificate 

accordance with the present invention. 60 structure. A conventional certificate structure conforms, for 

FIG. 9 is a flow diagram of building a trusted certificate example, with the X509.v3 standard certificate structure. A 

cache in system with the security co-processor. conventional digital certificate 500 mcludes a user name 

502, a certificate vaUdity date 504, and the public-key 508, 

DETAILED DESCRIPTION OF THE -j^e certificate is "signed" by a mutuaUy trusted authority 

INVENTION g5 ^^e., trusted by the public-key user and his transacting 

The present invention relates to a method and system for party). The mutually trusted authority, commonly known as 

providing secure transactions in a computer system and the certificate authority or issuing authority 506, authenti- 
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cates the public-key user identity by providing a signature for a person with whom they wish to communicate securely 

510, verifying that the public-key really belongs to the and encrypt a message to them in their public key. 

public-key user, FIG. 3 is a block diagraiD of a conventional system 20 for 

With publickey cryptography, a message, encrypted or performing secure electronic transactions. As iUustrated, the 
unencrypted, can be "signed" with the private-key and 5 system compnscs a computer 24 which performs secure 

transmitted to an addressee. Then, the addressee, or anyone transacUons with a smart card 26. The computer 24, typi- 

u • *u ur 1 *u .ur« i™. ^-.^:«u-^ tu- cally receives one of the smart card 26 at a time. Ine 

having the public-key, can use the pubhc-key to dcciphe the ^^^^^^^ ^ ^.^^^^ ^^^^^^ 

message and know who sent it. Digital certificates aUow and the computer 14 of FIG. 1. Smart card 26 includes 

authenticating messages by tracmg the messages to Uicir ^^jj^,.^ functionality for storing and processing sensitive 
source. Typically, a certificate cham is used for this purpose. 10 ^^^^ ^^^^^^^^ personal data and the private-key. 

FIG. 2B is a diagram of a certificate chain for authenti- with a smart card 26, the sensitive data is not accessible 

eating electronic transactions. A certificate chain having a by computer hackers. Therefore, sensitive data is not subject 

root certification authority 522 allows individuals in differ- to "attack" by computer hackers unless and until it is read 

ent countries and regions to electronically transact with each firom the smart card 26 and transferred to the computer 24 

other. The root certification authority 522 allows certifica- for further processing and transmission over the network 22 

tion authorities in various countries, and regions within to other computers, 

those countries, to issue digital identities to individuals. The However, access to data stored inside the computer 24 as 

certificate chain creates a trust relationship where trust flows well as access to data used inside the computer 24 during 

upwards from each transaction party to the root certification real-time processing renders the data including the sensitive 
authority 522. For example, there may be a Japanese certi- ^° data vuhierable to attack. Accordingly, sensitive data which 

ficatioD authority 528, a French certification authority 526, has been transferred to the computer 24 is typically erased 

and a U.S. certification authority, each issuing digital iden- from the computer 24 after it is no longer needed. However, 

tities to Japanese, French and U.S. residents, respectively. In it is very difficult to ensure that data has been correctly 

Japan, a Tokyo region certification authority 538 may issue erased from the computer system m nonsecure operating 

a digital identity 546 to J. Yen. In France, a Paris region ^V^f f J^^^ ^//^ °^^y temporanly stored operaUng 

certification authority 536 may issue a digital identity 544 to ^^f ^ ^^^f ^ ^^^.^ ^°°^P^.»1^ ^X^''^^ ^ ^'^^r^' 

c 1 F *u nc *u «r ™^/fi^o*™ Whenever the sensitive data is resident 10 the computer 24, 

F. Frank. In the U.S., there may be an East certificaUon ^ ^ ^^^^^^ ^^^^ ^.^^ trap-door attacks, 

authority 534, a Mid-west cerUficatioo au hority 532 and a ^.^^^ ^^^^ inadvertently introduced into the 

West certificauon aulhonty 530. The West certification computer 24 by the computer user who down loads and 

authority 530 may issue a digital identity to a California executes rogue programs which surreptitiously capture the 

certification authority 540 which, in turn, may issue a digital sensitive data. Once the security of the electronic transac- 

identity 542 to A. Doc. ^^^^ applications is compromised, the captured sensitive 

When A. Doe, a California resident, wants to conduct data can be used to impersonate the computer user, 

electronic transactions by exchanging messages with J. Yen mechanism that can be used to minimize the com- 

in Japan and/or with F. Frank in France, A. Doe needs to be promising of security is by processing the transaction 

sure that the electronic transactions are conducted with J. entirely on the smart card 26. This, however, is not a viable 

Yen and/or F. Frank and not with impostors. Through alternative for processing complex electronic transactions 

existing certificate technology, it is possible to verify the protocols because a smart card 26 is constrained by die size 

digital identity of a sender of transaction messages by restrictions, as well as power restrictions. The physical 

traversing upwards through the certificate chain. In checking restrictions increase tiie costs of producing a smart card and 

the digital certificate in someone's message, A. Doe can ^^5^^ t^eir built-in functionality. The cost of producing a 

check if there is a valid digital identity in the person's digital g^^^^ ^.^rd increases as in their built-in functionality 

certificate. That is, A. Doe can check if in J, Yen's message increases to the point wherein some business models cannot 

there are valid certification authority signatures of the Tokyo ^^^^ advantage of this technology. 

region certification authority 538, the Japan certification environment, the need for preserving the integrity 

authority 528, and the root certification authority 522. protecting the validity of the electronic transactions 

Public-private-key cryptography is characterized in that it cannot be effectively met. Accordingly, the present invention 

is an asymmetric cryptography wherein if transformation is . directed toward a system and method for satisfying this 
(encryption) is done with tiie user's public-key, only the 50 need. A key feature of the present invention is the fact that 

user's private-key will do the reverse transformation electronic transactions apphcations can be executed in a 

(decryption). That is, only one of the keys is needed on each secure computing environment outside the reach of com- 

side, one for the transformation and the other for the reverse puter hackers without requiring all the security functionality 

transformation, respectively. being buiU into tiie smart card. In a system having an 

In contrast, symmetric key cryptography uses one key, 55 architecture in accordance with the present invention, the 
which both sides use to encrypt and decrypt their messages, secure computing environment can be separated from the 
One side encrypts a message using the key, and the other traditional computing environment by a firewall, and there- 
side uses the same key to decrypt the message. This key fore processing in the system is distributed between the 
must be kept secret; if an unauthorized person obtains the secure and traditional computing environments. The non- 
key, he can read all the encrypted communications. Thus, 60 secure portion of electro rue transactions applications can 
key distribution is a critical concern — there are no pubUc continue to operate in the traditional non-secure computing 
keys which can be freely distributed, all keys must be kept environment, while the secure portion of these applications 
secret and a highly secure distribution scheme must be is executed in the secure computing environment. Thus, the 
devised to preserve the security of the system. Private- distributed processing plays a significant part in protecting 
public-key systems allow parties who haven't previously 65 the sensitive data. The system and method in accordance 
met to communicate securely. Since the public keys can be with the present invention are described in more detail 
widely distributed, anyone can get a copy of the public key below. 



03/05/2004, EAST Version: 1.4.1 



6,092,202 

7 8 

FIG. 4 is a block diagram of a system 100 including a antee that the amount(s) displayed correctly represeat the 

security co-processor 122 in accordance with the present values of the electronic transactions in progress, 

invention. The security co-processor 122 includes a host The computer user can compare the transaction amount(s) 

interface 120 for interfacing with a host computer displayed on the trusted display 128 with amount(s) dis- 
(compuler) 114 which is, in turn, connected to a network 5 played on the display 116 of the computer 114. For example, 

110. The host interface 120 includes a interface 134 which in an electronic transaction involving exchange of goods or 

is described herein below in more detail. transfer of money, a $5000 transaction may be shown as 

It should be understood that the location of the security only a $500 transaction on the computer 114 display 116. 

co-processor 122 can vary and, without departing from the When such a conflict is discovered, the computer user is 

scope and spirit of the present invention, it can be fixed thereby alerted to a possible tampering or attack, 

inside or outside the computer 114 or the keyboard 118, as Additionally, the trusted display 128 provides a visual 

long as the secure computing environment 104 is separate feedback to the computer user when, for example, the 

from the traditional computing environment 102. Preferably, computer user enters a PIN (personal identification number) 

the security co-processor 122 functions as an outboard to unlock the computer user's account. In conventional 
processor separate from a processor inside the host computer 35 systems (such as system 20 of FIG. 3), when entering 

114. sensitive data on a keyboard, the sensitive data is transferred 

The security co-proccssor 122 interfaces with a trusted from the keyboard to the computer (24), and there it 

display 128 and a trusted input 130. The security becomes vulnerable to attack. In contrast, the system 100 in 

co-processor 122 further includes a smart card interface 124. accordance with the present invention prevents the sensitive 
The security co-processor 122 interfaces with smarts cards ^° data such as the PIN from passing through the computer 114. 

126 which, as explained, arc portable security devices for To that end, control over keyboard entries is taken over 

holding the sensitive data. The security co-processor 122 is the by the security co-processor 122, The security 

preferably compatible with smart cards 126 conforming with co-processor 122 determines if the keyboard entries provide 

the IS07816 standard for smart card communications. It sensitive data or not. If the keyboard entries provide data 

should be understood however, that compatibihty of the which is not sensitive, the data is transferred to the computer 

security co-processor 122 with other types of smart cards 114 to be processed in the traditional computing environ- 

126 is within the scope and spirit of the present invention. ment 102. If the keyboard entries provide sensitive data, the 

The system 100 architecture in accordance with the sensitive data is captured by the security co-processor 122 

present invention, with the secure computing environment for processing in the secure computing environment 104. In 

104 being separated from the traditional computing envi- this case, the LED 132 is turned on by the security 

ronment 102 by the interface 134, enables the distributed co-processor 122 in order to provide an indication to the 

processing of the electronic transactions. The distributed computer user of the secure mode. 

processing is characterized in that the security co -processor In one embodiment, the keyboard 118 is converted into 

122 is responsible for retrieving the sensitive data from the the trusted input device 130 by removing the conventional 

smart cards 126 and processing the sensitive data locally. electronics from the keyboard 118 and in place thereof 

In the secure computing environment 104 provided by the embedding therein the security co-processor 122 and other 

security co-processor 122, the sensitive data is encrypted compatible components, wherein one of the applications 

and/or wrapped in cryptographically signed messages. The executed by the security co-processor is a keyboard appli- 

encrypted sensitive data and/or cryptographically signed cation. In this configuration, all the data provided by the 

messages are then passed to the traditional computing envi- keyboard entries passes through the security co-processor 

ronment 102 of the computer 114 for completion of the 122 which determines whether the data should be handed to 

electronic transactions processing. The computer 114 sends the computer 114 or whether it should be processed locally 

transaction information containing the cryptographically by the security co-processor 122. 

signed message to another computer linked to it through the 45 In another embodiment, the system 100 includes the 

network 110. Thus, in the system in accordance with the keyboard 118 and, in addition, the trusted input device 130. 

present invention, the sensitive data is never processed by In this configuration, the security co-processor 122 is not 

the computer 114 in the traditional computing environment embedded in the keyboard 118 but is attached to the trusted 

102 and it is therefore not susceptible to attack. input device 130, wherein the trusted input device is dedi- 

Since it is possible for bugs, viruses or rogue programs to 50 cated to the secure computing environment 104. 

adversely affect the electronic transactions applications, the In yet another embodiment, the secure computing envi- 

present invention addresses this problem by providing for ronment 104 can operate as a personal automatic teller 

additional security in the form of a trusted input and display. machine (ATM) system that can be used for general purpose 

To that end, in addition to the security co -processor 122, the or commercial electronic transactions which do not require 
secure computing environment 104 includes a trusted dis- 55 a full keyboani capability. The ATM includes a dedicated 

play 128 and a trusted input device 130 which includes a trusted keypad 130 interfaced through an RS 232 interface 

secure mode indicator such as a LED 132. (not shown) and a trusted display 128. 

The trusted display 128 is separate and can be signifi- In either one of the above embodiments, the security 
canUy different from the display 116 of the computer 114. co-processor 122 and the trusted input device 130 together 
The trusted display 128 is a dedicated display used for 60 prevent unauthorized access to keyboard entries which pro- 
displaying data representing true transaction information vide the sensitive data. This, for example, prevents capture 
such as transaction amount(s). The trusted display 128 can of the PIN numbers for unlocking the computer users' 
be, for example, a small LCD display or alike. When the personal banking, debit and credit accounts without their 
security co -processor 122 processes transactions, it also knowledge and approval. 

gains access to the tme transaction value(s) or amount(s). 65 In order to provide the above-mentioned distributed 

Therefore, the security co-processor 122 can provide the tme processing, the security co-processor 122 includes the host 

transaction amount(s) to the trusted display 128, and guar- interface 120 which preferably includes an interface 134. 
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The interface 134 acts as a "firewall" between the security and allows the computer user to safely enter the PIN. The 

co-processor 122 and the computer 144. In this specification security co -processor 122 also acknowledges the PIN 

what is meant by firewall is restricting host access to data request via message 320, 

and allowing approved security operations to be performed a purchase request message 322 from the computer 114 

in the security co-processor 122. Therefore, the computer S prompts the security co-processor 122 to process the PIN 

114 docs not have full access to data in the secure computing and the sensitive data via the purchase application, including 

environment 104. providing encryption of the sensitive data and authentication 

For example, the interface 134 can prevent the computer of the purchase request. The security co-processor 122 then 
114 from commanding the security co-processor 122 to hands to the computer 114 a purchase response message 324 
allow the computer 114 to read all the memory of the 10 which contains the encrypted data and authenticated pur- 
security co-processor 122. Conversely, the interface 134 chase request message. The computer 114 can then forward 
allows the computer 114 to command the security the purchase response message 324 via the network 110 to 
co-processor 122 to perform certain other transactions (no any one of the electronic transaction parties, 
matter how much attack software is present in the computer Computer 114 receives a reply from the electronic trans- 
114). 1^ action party which is a purchase authorization or denial. 

The interface 134 functionality is generally enforced by a Computer 114 hands this message to the security 

well-known application programing interface (API) which co-processor U2, which verifies the cryptographic signature 

defines how the computer 114 and the security co-processor on it to validate the electronic transaction party. The result- 

122 may communicate with each other. Preferably, the API ing verified authorization or denial message 328 is handed to 

is directed toward electronic transactions applications, par- ^ the computer 114. Finally, a purchase request end message 

ticularly commercial electronic transactions. However, it 330 is sent by computer 114 to the security co-processor 112 

should be understood that the API can be directed toward which acknowledges widi a purchase ended message 332. 

other types of electronic transactions without departing from The above described model of interface communication 

the scope and spirit of the present invention. protocol for the enforcement of the interface 134 fuoction- 

The interface 134 functionality is described hereinbelow ality highlights the distributed processing advantage pro- 

in conjunction with FIGS. 4 and 5. FIG. 5 illustrated a vided by the secure computing environment 104. As 

firewall including an interface communication protocol for demonstrated, the computer 114 has no direct access to the 

secure electronic transactions in a system with the security sensitive data throughout the entire electronic transaction 

co-processor in accordance with the present invention. The process. 

API enforces the interface 134 functionality by utilizing an The security co -processor 122 is another important fea- 

interface communication protocol defining how the com- turc of the present invention. FIG. 6 is a detailed block 

puter 114 and the security co-processor 122 may commu- diagram of a security co-processor 400 in accordance with 

nicate with each other. the present invention. 

The interface conomunication protocol for secure elec- 35 As illustrated in FIG. 6, the security co-processor 400 

tronic transactions involving, for example, credit purchases, includes a processor 410 (e.g. a 32 bit reduced instruction set 

is initiated by the computer 114 via a purchase start message controller (RISC)). The processor 410 is coupled to an 

302 informing the security co -processor 122 that a purchase IS 078 16 smart card interface 414 for interfacing to smart 

operation is requested. The purchase start message 302 cards 436 which conform to the IS07816 standard. The 

prompts the security co -processor 122 to activate an elec- processor 410 is further coupled to a keyboard/keypad 

tronic transactions application for credit purchases interface 416 and a display controller interface 418 for 

(purchase application). In response, the security interfacing with the trusted input device 438 and the trusted 

co-processor 122 sends to the computer 114 an acknowl- display 440, respectively. A microprocessor support 420 

edgment 304. coupled to the processor 410 includes components, such as 

Next, the computer 114 sends a request parameters mes- 45 interrupt controller and timers, needed for the operation of 

sage 306. The security co-processor 122 responds with the processor 420. 

purchase parameters 308 including a credit card brand The processor 410 is further coupled to a memory 422 and 

identifier, a transaction language, a digital signature method an external memory interface 426. The memory 422 pref- 

such as a physical or a virtual token and other relevant erably includes a read only memory (ROM) 444 and a 

parameters. The computer 114 then sends a get identity 50 random access memory (RAM) 446. In the ROM 444 

request 310 prompting the security co-processor 122 to resides a security program code which includes one or more 

accept digital identities of the computer users which are of the electronic transactions applications. Temporary 

parties to the electronic transaction. In response, the security variables, display images, etc., are placed in the RAM 446. 

co-processor 122 sends an identification resource message The processor is additionally coupled to a host computer 

312 acknowledging that the security co -processor 122 has 55 interface 412 which includes interfaces such as a tmivcrsal 

allocated resources for identification processing. service bus (USB) interface 430, a PS/2® interface 432, and 

Next, the computer 114 sends the digital identities 314 of an RS-232 interface 434 for interfacing with computers 442. 

the electronic transaction parties, typically in the form of One or all of these interfaces 430, 432 and 434, can be used 

digital certificates. The security co-processor 122 responds at one time to interface with one or more of the computers 

with an identities valid message 316. During processing of 60 442. 

the digital identities data, the security co-processor 122 As explained, the security co-processor 400 maintains 
stores digital identities which have not been processed control over the local processing of the sensitive data. An 
before. The computer 114 then sends a PIN request message important aspect of the local processing is performed by a 
318 prompting the computer user to enter the PIN for cryptographic controller unit 426 within the security 
unlocking the sensitive data in the smart card 126. In 65 co-processor 400. The processor 410 is coupled to the 
response, the security co-processor 122 enters into the cryptographic controller unit 426 for controUing its opera- 
secure mode, turns on the secure mode indicator (LED 132), tions. 
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When the sensitive data is captured locally in the security 
co-processor 400, it is then encrypted (i.e., scrambled) in the 
cryptographic controller unit 426, so that when the sensitive 
data is handed to the computers 442 for transmission 
through the network (not shown) it is in encrypted form. 
Each of the electronic transaction parties receiving the 
encrypted sensitive data has a descrambler suitable for 
decrypting the sensitive data. 

In the system with the security co-processor in accordance 
with the present invention messages are "signed" using 
preferably a secure hash. Similar in principle to the above- 
mentioned pubhc-private-key cryptography, the secure hash 
is a one-way, collision free cryptography algorithm akin to 
a compression algorithm. Collision free means that for any 
single input there is a unique corresponding hash output. 
That is, if two segments of data are identical except for one 
bit, two entirely different hash outputs would resxilt. One- 
way means that there is no feasible way to derive any of the 
input data from the hash value. Secure hash makes it very 
difficult to electronically forge signatures because is requires 
experimentation with an endless number of inputs only one 
of which may produce the particular hash output. 

For example, smart cards may have the private-key and 
sensitive data such as, an account number (e.g., debit 
account), and the digital certificate which is equivalent to the 
digital identity and within which the public-key is embed- 
ded. The smart card owner knows the PIN that unlocks the 
account. 

Thus, in operation, the system in accordance with the 
present invention (as described in conjunction with FIG. 4 
above) reads from the smart card the account number, the 
digital certificate and, optionally, the private-key into the 
security co-processor (122), and then it prompts the smart 
card owner to enter the PIN via the trusted input device 
(130). The interface (134) operates to protects the sensitive 
data from being obtained by the computer (114) without first 
being encrypted. Hence, all of the secure processing of the 
electronic transaction application is then performed in the 
secure computing environment (104) in order to preserve the 
integrity of the sensitive data. The sensitive data is encrypted 
using preferably a symmetric or asymmetric encryption 
algorithm and then it is combined with other parts of the 
message such as the transaction amount. The message is 
then electronically signed. 

FIG. 7 is a flow diagram of the digital signing process for 
authenticating electronic transactions in the system with the 
security co-processor. First, a secure hash of the sensitive 
data is performed, via step 550. For reasons rooted in 
common security industry practice, private-keys should 
never come off the smart cards. This is why the hash output 
is handed to the smart card, via step 552, to be encrypted 
with the private-key in the smart card, via step 554. 

The private -key is a long string of bits (typically 1024 
bits) which is typically embedded in the smart card in a 
trusted secure environment of the issuer (e.g., American 
Express). Therefore, if the issuer provides a smart card with 
such a private-key and it takes the PIN to unlock the 
private -key, then it would not be possible for someone to 
impersonate the smart card holder. As a result, electronic 
transactions performed by the smart card holder wUl be 
provable and the smart card holder cannot repudiate them 
(i.e., participation of the smart card holder in the electronic 
transaction is verifiable and the smart card holder cannot 
refuse to comply after the electronic transaction is 
completed). 

Messages signed with the private-key are then handed 
over to the computer (114) (FIG. 4) for transmission through 
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the network (110). At the other end, a bank or other 
transaction partner(s) have their own security mechanism for 
decrypting the message. 

In one embodiment of the present invention biometric 

^ data such as retinal scan, thumbprint, etc. is embedded in the 
smart card. The smart card holder provides a biometric data 
sample and enters the PIN. The combination of the biometric 
data and the PIN precludes repudiation of the electronic 
transaction because it is a substantially undisputed proof that 

^0 the smart card holder was authorized to conduct the elec- 
tronic transactions and did conduct the particular electronic' 
transactions. In this architecture the biometric data therefore 
is never resident in the nonsecure computing environment. 

Pre-verification of digital certificates of transacting par- 
ties saves verification processing time especially in a high 
volume, high frequency electronic transactions environ- 
ment. Pre-verified digital certificates of transacting parties 
can be stored for future accelerated use (without having to 
repeat the verification process). Instead of a certificate cache 
in a conventional system which can be compromised by 
adding a false certificate, a trusted certificate cache is 
provided in the system in accordance with the present 
invention. The tmsted certificate cache is typically resident 
in a RAM. The trusted certificate cache in the secure 
computing environment holds the pre-verified digital cer- 
tificates which, by reason of the interface, cannot be com- 
promised. Once a digital certificate has been verified, an API 
command can be used to store the certificate in the trusted 
certificate cache. 

Caching of verified certificates speeds validation of cer- 
tificate chains. To verify the issuer's signature on a certifi- 
cate requires a computationally very expensive crypto- 
graphic signature verification. Certificate caching means that 

25 the expensive signature verification only has to occur once, 
at the time that the certificate is verified before being 
accepted into the cache. Once accepted, the certificate can be 
used without checking the issuer's signature each time. 
One embodiment of the present invention includes a two 

40 tier memory which provides greater processing capacity to 
the security co -processor. FIG. 8 is a block diagram of a two 
tier memory system in accordance with the present inven- 
tion. The security co-processor 400 (as in FIG. 6) includes 
a built-in RAM 446. In the secure computing environment, 

45 the security co-processor 400 is also coupled to an external 
RAM 602 via the external RAM interface 426. Access by the 
computer 610 to the built-in RAM 446 and the external 
RAM 602 is prevented by the interface 616 within the host 
computer interface 412. The built-in RAM 446 (a 1024 bit 

50 memory) is embedded in the security co-processor 400 chip. 
Sensitive data is kept in the built-in RAM 446. The external 
RAM 602 is a high volume commodity device external to 
the security co-processor 400 (a 128 KBytes memory). 
Encrypted sensitive data, digital certificates and temporary 

55 variables are stored in the external RAM 602. It would take 
an expensive ($50,000) logic analyzer to capture data pass- 
ing to and from the external RAM 602. Therefore, the data 
is not easily captured, and is still protected from software 
attacks. 

60 When the built-in RAM 446 is temporarily full the 
security co-processor can perform cryptopaging which 
means that the sensitive data can be encrypted and tempo- 
rarily placed in the external RAM 602, or the host RAM 612 
or system disk 614. The external RAM 602 can be also used 

65 for the trusted certificate cache 604 for holding the pre- 
approved digital certificates. To further discuss this feature 
refer now to FIGS. 8 and 9 together. 
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A digital certificate has a validity period during which it 
is valid. Some certificates also have additional validity 
period limitations to limit the usage of the certificate's 
corresponding private key to perform signatures to a period 
which ends sooner, so that the certificate can be used to 
verify things which its private key has signed even after its 
private key can not be used to perform signatures. These 
limitations are added in certificate extensions. 

FIG. 9 is a flow diagram of building a trusted certificate 
cache 604 in the security co-processor. Building the trusted 
certificate cache begins by waiting for a new digital 
certificate, via step 700. With each new certificate the 
process repeats. Once a certificate is received (and decoded 
if required) via step 702, its cryptographic hash or other 
unique data is compared against the certificates already 
residing in the cache via step 704. If the new certificate is 
already present in the cache, its validity dates and optional 
limiting extensions are verified via step 712, If the certificate 
is still valid via step 714 then it is accepted into the 
certificate cache via step 718. Alternatively if the certificate 
validity checked in step 712 arc not valid via step 714, the 
new certificate is rejected via step 716. 

Alternatively, if the new certificate is not already present 
in the cache as determined by step 704, then the cache is 
checked for the presence of the certificate's signing issuer 
certificate via step 706. If the issuer's certificate is not 
present in the cache, then the certificate is rejected via step 
716. 

If the certificate's issuer is present in the cache via step 
706, then the issuer's signature on the certificate is checked 
in step 708. If the signature is not vafid via step 710, the 
certificate is rejected via step 716. If the issuer's certificate 
is valid via step 710, then the certificate's validity and 
optional extensions are checked via step 714. If the certifi- 
cate is still valid via step 714 then it is accepted into the 
certificate cache via step 718. Alternadvely if the certificate 
validity checked in step 712 are not valid via step 714, the 
new certificate is rejected via step 716. Accordingly, the 
gradual building of the cache 604 increasingly saves pro- 
cessing time spent on digital certification verification. 

Finally, the system with the security co-processor in 
accordance with the present invention provides for the use of 
cheaper smart cards. Smart cards used with the system in 
accordance with the present invention, require less built-in 
functionality than conventional smart cards used in conven- 
tional systems because most of the built-in fimctionality is 
included in the security co-processor. A security 
co-processor and a number of smart cards with reduced 
built-in functionahty cost less than the total cost of the same 
number of smart cards with extensive built-in functionality. 
Therefore, the system in accordance with the present inven- 
tion can be implemented at a much lower cost than conven- 
tional systems. This reduction in cost is significant in the 
high-volume electronic transacrions environment of large 
banks and credit organizations, and corporate users. 

A method and system have been disclosed for secure 
encrypted and authenticated transactions. Although the 
present invention has been described in accordance with the 
embodiments shown, one of ordinary skill in the art will 
readily recognize that there could be variations to the 
embodiments and those variations would be within the spirit 
and scope of the present invention. Accordingly, many 
modifications may be made by one of ordinary skill in the art 
without departing from the spirit and scope of the appended 
claims. 
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What is claimed is: 

1. A system for secure transactions in a host computer, 
comprising: 

a security co-processor; and 

an interface for interfacing the security co-processor to 
the host computer, the interface including an interface 
communication protocol for restricting access by the 
host computer to data passing through the security 
co-processor, wherein secure transaction processing is 
performed locally in the security co-processor and 
non-secure transaction processing is performed in the 
host computer system. 

2. The system of claim 1, wherein the sensitive data 
includes personal data and personal identification data. 

3. The system of claim 2, wherein the interface commu- 
nication protocol is implemented in an application program- 
ming interface. 

4. The system of claim 1, wherein the system further 
includes means for providing trusted input coupled to the 
security co-processor. 

5. The system of claim 4, wherein the trusted input means 
comprises one of a keyboard and a keypad. 

6. The system of claim 5, wherein the trusted input means 
includes a secure mode indicator for indicating a secure 
mode in response to requests from the host computer for 
keyboard entries of the sensitive data including the personal 
identification data. 

7. The system of claim 6, wherein the secure mode 
indicator includes a UED. 

8. The system of claim 4, wherein the system further 
includes a smart card interface coupled to the security 
co-processor, the smart card interface for interfacing with 
smart cards which include the personal data and a private 
key. 

9. The system of claim 8, wherein the system further 
includes a trusted display coupled to the security 
co-processor for providing a visual feedback and true trans- 
action information. 

10. The system of claim 9, in which the security 
co-processor includes: 

a microprocessor; 

a microprocessor support coupled to the microprocessor; 

a display interface coupled to the microprocessor, the 
display interface for providing the visual feedback and 
the true transaction information to the trusted display; 

first means interfacing between the microprocessor and 
the trusted input means; 

second means interfacing between the microprocessor 
and the smart card interface; 

a memory coupled to the microprocessor; 

an external memory interface coupled to the micropro- 
cessor; the external memory interface for interfacing 
with an external memory; 

a cryptographic controller unit coupled to the 
microprocessor, the cryptographic controller unit for 
providing data in encrypted form; and 

third means for interfacing between the microprocessor 
and a plurality of computer systems. 

11. The system of claim 10, in which a two tier memory 
comprises the memory and the external memory, wherein 
the memory is for storing a transaction application and data 
including the sensitive data and the external memory is for 
storing temporary variables and a certificate cache. 

12. The system of claim 10, in which the cryptographic 
unit performs an asymmetric or symmetric encryption of the 
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sensitive data in order to provide the sensitive data in 
encrypted form, 

13. The system of claim 12, in which the sensitive data in 
the encrypted form is wrapped in unencrypted non-sensitive 
data to form a message, wherein the message is signed in the 5 
smart card with the private-key and is then handed to one of 
the plurality of computer systems for further transmission to 

a transaction party. 

14. A system for secure transactions in a host computer, 
comprising: 30 

a security co -processor; 

an interface for interfacing the security co-processor to 
the host computer, the interface including an interface 
communication protocol for restricting access by the 
host computer to data passing through the security 
co-processor; and 

means for providing trusted input coupled to the security 
co-processor, wherein secure transaction processing is 
performed locally in the security co-processor and 
non-secure transaction processing is performed in tbc 
host computer system. 

15. The system of claim 14, wherein the system further 
includes a smart card interface coupled to the security 
co-processor for interfacing with smart cards. 

16. The system of claim 15, wherein the system further 
includes a trusted display coupled to the security 
co-processor for providing a visual feedback and true trans- 
action information. 

17. A system for secure transactions in a host computer, 
comprising: 

a security co -processor, the security co -processor includ- 
ing a processor, a processor support coupled to the 
processor; a display interface coupled to the processor, 
first interface means for receiving trusted input, the first 35 
interface means being coupled to the processor, smart 
card interface means coupled to the processor, a 
memory coupled to the processor, an external memory 
interface coupled to the processor, a cryptographic unit 
coupled to the processor, and second interface means 40 
coupled to the processor, the second interfacing means 
for interfacing with a plurality of computer systems; 

an interface for interfacing between the security 
co-processor and the host computer, the interface 
including an interface communication protocol for 45 
restricting access by the host computer to data passing 
through the security co -processor, wherein the interface 
is coupled to the second interface means; 

means for providing tmsted input coupled to the security 
co-processor via the first interface means; 

a smart card interface coupled to the smart card interface 
means of the security co-processor, the smart card 
interface for interfacing between the security 
co-processor and smart cards; and 

a trusted display coupled to the display interface of the 
security co-processor for providing a visual feedback 
and true transaction information, wherein secure trans- 
action processing is performed locally in the security 
co-processor and non-secure transaction processing is 
performed in the host computer system. 

18. A method for secure transactions in a host computer, 
the method comprising the steps of: 

a) providing a security co-processor; and 

b) providing a interface for interfacing the security 6S 
coprocessor to the host computer, the interface includ- 
ing an interface communication protocol for restricting 
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access by the host computer to data passing through the 
security co-processor, wherein secure transaction pro- 
cessing is performed locally in the security 
co-processor and non-secure transaction processing is 
performed in the host computer system. 

19. The method of claim 18, wherein the interface com- 
munication protocol is implemented in an application pro- 
gramming interface. 

20. The method of claim 18, wherein the method further 
includes the step of: 

c) providing means for providing trusted input coupled to 
the security co-processor. 

21. The method of claim 20, wherein the method further 
includes the step of: 

d) providing a second interface coupled to the security 
co-processor for receiving sensitive data from a smart 
card. 

22. The method of claim 21, wherein the method further 
includes the step of: 

e) providing a trusted display coupled to the security 
CO -processor for providing a visual feedback and true 
transaction information. 

23. The method of claim 22, wherein the security 
co-processor includes: 

a processor; 

a processor support coupled to the processor; 
a display interface coupled to the processor; 
first interfacing means for interfacing with one of a 

keyboard and a keypad, the first interfacing means 

being coupled to the processor; 
a smart card interface coupled to the processor; 
a memory coupled to the processor; 
an external memory interface coupled to the processor; 
a cryptographic unit coupled to the processor; and 
second interfacing means for interfacing with a plurality 

of computer systems, the second interfacing means 

being coupled to the processor. 

24. The method of claim 23, wherein the method further 
includes the step of; 

f) executing a transaction application via the processor, 
wherein the transaction application is responsive to 
commimications from the host computer that is con- 
ducted via a firewall, wherein the transaction applica- 
tion performs locally the secure transaction processing. 

25. The method of claim 24, wherein the executing step 
f) further includes the step of: 

fl) indicating a secure mode in response to the commu- 
nications from the host computer wherein keyboard 
entry of sensitive data is requested. 

26. The method of claim 25, wherein the processor 
indicates a secure mode by turning on a LED. 

27. The method of claim 25, wherein the executing step 
Q further includes the step of: 

f2) providing data to the trusted display in order to 
provide a visual feedback during the keyboard entry of 
sensitive data and for displaying the true transaction 
information. 

28. The method of claim 27, wherein the executing step 
f) further includes the step of: 

f3) performing a encryption of the sensitive data in the 
cryptographic unit in order to provide the sensitive data 
in encrypted form. 

29. The method of claim 28, wherein the encryption is a 
symmetric or asymmetric encryption operation of the sen- 
sitive data. 
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30. The system of claim 28, wherein the executing step f) 
further includes the steps of: 

f4) transferring the message to a smart card via the smart 

card interface for signing; 
f5) signing the message in the smart card with a private- ^ 

key; and 

f6) handing the message to one of the plurality of com- 
puter systems for further transmission to a transaction 
party. ,0 

31. The method of claim 30, wherem the executmg step 
f) further includes the step of: 

f7) building a certificate cache with pre-verified and 
validated certificates indicating identities belonging to 
sources of messages, wherein the certificate cache is 
included in one of the memory and an external memory, 
and wherein the external memory is coupled to the 
processor via the external memory interface. 

32. The method of claim 31, wherein the certificate cache 
building step f7) further includes the steps of: 20 

f7a) determining if the certificate exists in the certificate 
cache as a pre-verified certificate; 

f7b) determining if an issuer certificate within the certifi- 
cate exists in the certificate cache if the certificate does 
not exists in the certificate cache; ^5 

f7c) verifying the vahdity of the issuer certificate if the 
issuer certificate exist in the certificate cache and the 
certificate does not exists in the certificate cache; 

f7d) rejecting the message if the issuer certificate is 
invalid; and 

f7e) waiting for a new certificate. 

33. The method of claim 31, wherein the certificate cache 
building step f7) further includes the steps of: 

f7a) determining if the certificate exists in the certificate 35 
cache as a pre-verified certificate; 

f7b) determining if an issuer certificate within the certifi- 
cate exists in the certificate cache if the certificate does 
not exists in the certificate cache; 

f7c) verifying the vahdity of the issuer certificate if the 
issuer certificate exists in the certificate cache and the 
certificate does not exists in the certificate cache; 

f7d) verifying validity of certificate extensions if the 
certificate does not exist in the certificate cache and the 
issuer certificate is valid; 

f7e) storing the certificate in the certificate cache if the 
certificate extensions arc valid, the issuer certificate is 
valid, and the certificate does not exists in the certificate 
cache; and 50 

f7f) waiting for a new certificate. 

34. The method of claim 31, wherein the certificate cache 
building step f7) further includes the steps of: 
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f7a) determining if the certificate exists in the certificate 

cache as a pre-verified certificate; 
f7d) verifying validity of certificate extensions if the 

certificate exists in the certificate cache; 
f7e) storing the certificate in the certificate cache if the 

certificate extensions are valid and the certificate exists 

in the certificate cache; and 
f7f) waiting for a new certificate. 

35. The method of claim 31, wherein the executing step 
f) further includes the step of: 

f8) processing a first biometric data provided to the 
security co-processor and a second biometric data 
resident on the smart card, wherein the first biometric 
data can be verified against the second biometric data. 

36. A computer readable medium including program 
instructions for secure encrypted and authenticated 
transactions, the program instructions being executed via a 
security co-processor, the security co-processor communi- 
cating with a host computer via a host interface including a 
firewall, the firewall having functionality being enforced by 
an interface communication protocol for restricting access 
by the host computer to data passing through the security 
co-processor, the program instructions for: 

a) indicating a secure mode in response to communica- 
tions from the host computer wherein a keyboard entry 
of sensitive data is requested; 

b) providing data to a trusted display in order to provide 
a visual feedback during the keyboard entry of the 
sensitive data and for displaying true transaction infor- 
mation; 

c) performing an encryption of tiie sensitive data in a 
cryptographic unit within the security co-processor in 
order to provide the sensitive data in an encrypted 
form; 

d) computing a hash of a message in order to form a 
mechanism for signature; 

e) transferring the hash to a smart card for signing; 

f) signing the message in the smart card with a private - 
key; 

g) handing the message to the host computer for further 
transmission to a transaction party; and 

h) building a certificate cache with pre-verified and vali- 
dated certificates indicating identities belonging to 
sources of messages received by the security 
co-processor, wherein secure transaction processing is 
performed locally in the security co-processor and 
non-secure transaction processing is performed in the 
host computer. 

« « « )(c * 
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